From a31755fa1c75b1e656cf1e713632afe98fb4c3fb Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Tue, 5 Jan 2016 14:32:54 -0800
Subject: [PATCH] Add sysfs_batteryinfo label.

Shell user needs to be able to get current device battery_level via
/sys/class/power_supply/battery/capacity.  Create a global label and
corresponding policy for accessing this.  Rely on each device to label
the appropriate sysfs entry.

Bug: 26219114
Change-Id: I2c5ef489a9db2fdf7bbd5afd04278214b814351c
---
 file.te    | 1 +
 healthd.te | 2 ++
 shell.te   | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/file.te b/file.te
index 374ff6bd2..0c965a38b 100644
--- a/file.te
+++ b/file.te
@@ -22,6 +22,7 @@ type selinuxfs, fs_type, mlstrustedobject;
 type cgroup, fs_type, mlstrustedobject;
 type sysfs, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_writable, fs_type, sysfs_type, mlstrustedobject;
+type sysfs_batteryinfo, fs_type, sysfs_type;
 type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_wake_lock, fs_type, sysfs_type;
diff --git a/healthd.te b/healthd.te
index 48be64d99..d09eab490 100644
--- a/healthd.te
+++ b/healthd.te
@@ -16,6 +16,8 @@ binder_call(healthd, system_server)
 # TODO:  Split into a separate type?
 allow healthd sysfs:file write;
 
+allow healthd sysfs_batteryinfo:file r_file_perms;
+
 ###
 ### healthd: charger mode
 ###
diff --git a/shell.te b/shell.te
index 1ae7169e5..cb2bcbe83 100644
--- a/shell.te
+++ b/shell.te
@@ -119,6 +119,8 @@ allow shell bootchart_data_file:file create_file_perms;
 # Make sure strace works for the non-privileged shell user
 allow shell self:process ptrace;
 
+# allow shell to get battery info
+allow shell sysfs_batteryinfo:file r_file_perms;
 
 # Allow access to ion memory allocation device.
 allow shell ion_device:chr_file rw_file_perms;
-- 
GitLab